Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it's official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you're on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

HHS Incident Response Capability

FISMA requires Federal agencies to implement policies and procedures for detecting, reporting, and responding to security incidents. Increased threats to critical cyber-based infrastructure systems have created a need for Government agencies to increase their computer security efforts. Incidents involving cyber security and privacy threats, such as malware, malicious user activity, and vulnerabilities associated with highly interconnected technology require a skilled and rapid response to reduce their likelihood and to reduce or mitigate loss or destruction of data, loss of funds, loss of productivity, and damage to the agency's reputation. We will determine whether HHS has sufficiently implemented incident response capabilities to safeguard the Department's information technology systems and data.

Announced or Revised Agency Title Component Report Number(s) Expected Issue Date (FY)
September 2017 Office of the Assistant Secretary for Administration HHS Incident Response Capability Office of Audit Services A-18-17-04002 2020